Whitelisting

Simplify will use a Whitelisting process to determine which accounts can be exempted from encryption of PCI-sensitive data and returned to the POS unencrypted.

  • Data for accounts in the whitelist will not be sent to the host, but returned to the POS unencrypted for use as determined by the merchant (whitelist response).

    • Exception: Sensitive data for PCI-protected accounts (i.e. for accounts in the blacklist) will never be sent to the POS unencrypted, even if the PAN is included in the whitelist.
  • PCI-sensitive data fields for non PCI-protected accounts not in the whitelist (i.e. for accounts not in the whitelist or blacklist) will normally be encrypted.

    • Exception: If there is an encryption failure (not caused by system failure), sensitive data for these accounts can be sent unencrypted.
  • To trigger a whitelist response, the POS sends a financial request. Please see sample transaction with Whitelist Response below.

If you want to use a whitelist, please contact your Elavon representative for whitelist configuration.